2

I'm encrypting one of the standard TDEA/3DES/DES-EDE test vectors with openssl:

<?php
$key = pack('H*', '0123456789ABCDEF' . '23456789ABCDEF01' . '456789ABCDEF0123');

$result = openssl_encrypt('The quick brown fox jump', 'des-ede3', $key, OPENSSL_RAW_DATA | OPENSSL_ZERO_PADDING);

echo chunk_split(bin2hex($result), 16, ' ');

(des-ede3 is ecb mode)

This gives 1ccf23869d09333e cce21c8112256fe6 68d5c05dd9b6b900 as the result.

But the test vector for TDEA in ECB mode in NIST SP 800-67 Appendix B.1 states that the output should be A826FD8CE53B855F CCE21C8112256FE6 68D5C05DD9B6B900.

So what's up?

archie
  • 1,998
  • 17
  • 28
neubert
  • 2,969
  • 1
  • 29
  • 58

1 Answers1

4

It looks like there's an error in the test vector.

The text of Appendix B.1 states:

P1 = “The quic” = 5468652071756663

... which is incorrect.

The hex encoding of The quic is actually 5468652071756963 (note the transposition of the i/69 to an f/66 in the encoding.

e.g. encrypting the test vector as intended:

$ echo -n 'The quick brown fox jump' | openssl  des-ede3 -nosalt -nopad -K '0123456789ABCDEF23456789ABCDEF01456789ABCDEF0123'  | xxd -c 8 -ps
1ccf23869d09333e
cce21c8112256fe6
68d5c05dd9b6b900

... and encrypting the test vector as hex encoded:

$ echo -n 'The qufck brown fox jump' | openssl  des-ede3 -nosalt -nopad -K '0123456789ABCDEF23456789ABCDEF01456789ABCDEF0123'  | xxd -c 8 -ps
a826fd8ce53b855f
cce21c8112256fe6
68d5c05dd9b6b900

It looks like this error has been in NIST SP 800-67 since version 1 in 2004.

archie
  • 1,998
  • 17
  • 28